LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Burp Suite Essential Training

Unlock the full course today

Join today to access over 24,700 courses taught by industry experts.

Manipulating cookies

Manipulating cookies - Burp Suite Tutorial

From the course: Burp Suite Essential Training

Start my 1-month free trial Buy for my team

Manipulating cookies

“

- [Instructor] Let's look at how we modify cookies with Intruder. We'll use the DAP Server again. We need to enable cookies through this test and these are set off by default in Burp Suite's browser. So we'll go to proxy, switch intercept off and we'll open the browser. We'll select the browser options, settings, privacy and security, cookies and other site data and we'll allow all cookies. Okay, we've already seen the main website, so let's log in to start our session. 10.10.10.86. And we can log in with admin. Password1. From a testing point of view, we didn't find anything useful in this main site. However, there is another website on port 8080. So let's check that out. And we'll go to 8080. And we get a message saying access denied: password authentication cookie not set. Let's have a look at the message in Burp Suite. So we go to target, and then look at the message on 8080. And we can see the…

Contents